GHSA-37g4-qqqv-7m99
GHSA-47cr-f226-r4pq
GHSA-7r28-6j42-p3gg
GHSA-mr3j-p26x-72x4
GHSA-mr9r-mww3-v6gv
GHSA-q485-cg9q-xq2r
GHSA-vq4q-79hh-q767
GHSA-w5ff-2mjc-4phc
Severity by source
AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionGitHub Advisory
Summary
SVG attribute values derived from user-supplied options (backgroundColor, fontFamily, textColor) were not XML-escaped before interpolation into SVG output. This could allow Cross-Site Scripting (XSS) when applications pass untrusted input to createAvatar() and serve the resulting SVG inline or with Content-Type: image/svg+xml.
Affected packages
@dicebear/core-backgroundColoroption values interpolated into SVG attributes without escaping (affectssolidandgradientLinearbackground types)@dicebear/initials-fontFamilyandtextColoroption values interpolated into SVG attributes without escaping
Fix
All affected SVG attribute values are now properly escaped using XML entity encoding. Users should upgrade to the listed patched versions.
Mitigating factors
- Applications that validate input against the library's JSON Schema before passing it to
createAvatar()are not affected - The DiceBear CLI validates input via AJV and was not vulnerable
- Exploitation requires that an application passes untrusted, unvalidated external input directly as option values
AnalysisAI
DiceBear avatar generation libraries (@dicebear/core and @dicebear/initials) are vulnerable to stored XSS through unescaped SVG attributes when user-supplied options like backgroundColor, fontFamily, and textColor are directly interpolated into SVG output. Attackers can inject malicious JavaScript that executes when the resulting SVG is rendered inline or served with SVG content-type, affecting any application that passes untrusted input to the createAvatar() function. No patch is currently available.
Technical ContextAI
Cross-site scripting (XSS) allows injection of client-side scripts into web pages viewed by other users due to insufficient output encoding.
RemediationAI
Encode all user-supplied output contextually (HTML, JS, URL). Implement Content Security Policy (CSP) headers. Use HTTPOnly and Secure cookie flags.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-14182